iptables TARPIT

I have some iptables POM extensions compiled into my 2.4.32 kernel
including TARPIT.  And, I have crafted some rules to tarpit some
persistent IPs.  But, this only works for TCP traffic. How does one
slow down the pervasive unwanted UDP and ICMP traffic?


Re: iptables TARPIT


By not replying at all.  Those protocols are not connection-oriented, so
you couldn't freeze scanners much, anyway.  By the way, don't forget
that each frozen TARPIT connection actually uses resources on your
system.  I don't think that it allows DoS attacks, but for older
systems, this may be a stability problem.  I wouldn't use it for now,
and instead just keep DROP-ing unwanted packets.  There is some reason
for the TARPIT target not to be in the stable releases.
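
The split discussed in this thread, as an added example that is not part of either post: TCP from unwanted sources goes to TARPIT, while UDP, ICMP and everything else is dropped without a reply. The chain name UNWANTED, the helper functions and the sample addresses are assumptions; the script only prints the iptables commands, so it can be reviewed before anything is loaded.

```shell
#!/bin/sh
# Added example: generate iptables commands for a list of unwanted sources.
# TCP is sent to TARPIT (the target must be available in the kernel);
# UDP, ICMP and any other protocol are silently dropped.

# Constructed sample list using documentation address ranges,
# with two invalid entries to show the validation.
BLOCKLIST="192.0.2.10 198.51.100.7 not-an-ip 203.0.113.300"

# Return 0 only for a dotted quad whose octets are all in 0..255.
is_ipv4() {
    echo "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 1
    old_ifs=$IFS
    IFS=.
    set -- $1          # split the address into its four octets
    IFS=$old_ifs
    for octet in "$@"; do
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# $1: whitespace-separated list of source addresses.
# Prints the commands on stdout and skipped entries on stderr.
gen_rules() {
    echo "iptables -N UNWANTED"
    # Only TCP can be tarpitted: it is the only connection-oriented case.
    echo "iptables -A UNWANTED -p tcp -j TARPIT"
    # Everything else gets no answer at all.
    echo "iptables -A UNWANTED -j DROP"
    for ip in $1; do
        if is_ipv4 "$ip"; then
            echo "iptables -A INPUT -s $ip -j UNWANTED"
        else
            echo "skipping invalid address: $ip" >&2
        fi
    done
}

gen_rules "$BLOCKLIST"
```

To follow the reply's advice and avoid TARPIT entirely, delete the `-p tcp -j TARPIT` line so that all traffic from the listed sources falls through to DROP.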

